UPDATED 6/24/24
The current cyberattack on CDK has thrown the dealership industry into turmoil. According to several of our sources, it looks like it could be next Tuesday or Wednesday before this issue is resolved at CDK. For those of you not on CDK, consider yourselves lucky!! For those of you on CDK, here we offer a few things to consider to help you through this challenging time.
- Insurance – Make sure to contact your insurance carrier. Discuss with them the merits of a claim, how to make a claim and what is needed to make a claim. The claim will likely be made under business interruption or cyber insurance. Depending on how much coverage you have in each situation, it likely won’t matter if it’s one or the other. Just be certain it won’t take long to process a claim.
- Payroll – Depending on how long this takes and whether or not you outsource payroll, this could be an issue. We think paying your people is more important than not. For example, if your accounting team has done all they can do and you send them home, should you pay them, not pay them, or force them to take PTO? The message sent to the rest of the team is as important as the one sent to the affected team. We recommend paying them if they work or not. If you don’t have their payroll records, we recommend paying them based on historical averages and telling them you’ll settle up with them in the future when you get your system back. If you aren’t able to generate payroll checks, then go to the bank with a list of Bank/Cashier’s checks you’d like to buy. Either that or prepare to do manual checks.
- Bank and major vendors – They probably know what’s going on but communication is important here. Call your bank and other major suppliers. Discuss the fact that you aren’t getting funded on deals and likely won’t be able to payoff floorplan or pay other bills for a week or so. Find out if there is any leniency in their agreement with you. Document your call and make sure you talk to the right person (decision maker) in the organization. Get it in writing if possible.
- Inventory tracking and ordering – Talk with your manufacturers. You may not be 100% accurate, but you’ll likely be close enough. Think about the customer and ensuring their lives aren’t interrupted. Be more selective on deals for the next week or so. In other words, don’t do aggressive deals. Consider using your loaner program more liberally. For parts, see if the manufacturer can help with a pricing guide. Make sure to use Excel or something else to ensure you mark parts up properly. Create an electronic RO in Excel. For deals, create a Buyers Order in Excel. Go to hard documents to get the cost of vehicles. Make sure to control these documents using sequential numbers if you do create them.
- Accounting personnel – Before sending them home, make sure to take advantage of the gift of time you’ve been given. Is there filing, shredding, organization, or some other task you always intended on getting to if they had time? If the accounting department is clean and organized, what about other departments? Could they use assistance? Take advantage of this opportunity and make the most out of it. Have “jeans for a day” if they are cleaning or doing other organizational tasks. Try to make it fun.
- CDK setups – Make sure all sales tax, parts markups, G/L mappings to the dealer financial statement, etc. are accurate in CDK when you are back up and running. Don’t assume everything went back to the way it was.
Even if you’re not on CDK, this is a good time to check with your insurance provider and see what remedies you have through insurance. Check your cyber insurance and make sure it is adequate and as much as you can get. If you are using someone other than CDK, make sure to check in with them to see what measures they are taking to avoid being the next victim of a cyberattack. If this can happen to CDK, it can happen to others.
In the words of Mike Tyson “everybody has a plan until they get punched in the mouth.” It’s time to do what you do…stay calm, know this will work its way out, and your business partners/suppliers are there to support you, in addition to the ARB Dealer Services Team.
UPDATE: Over the weekend, CDK issued an update re: the cyber ransom event. The Dealer Resource Center linked here has some helpful information for processing work manually. The update also includes a statement reiterating to employees the importance of being alert to acts of phishing and taking necessary preventative precautions. Employees should only engage with known or validated CDK associates, and they should not provide sensitive information such as passwords or provide system access under any circumstances. There are “piggy-back” phishing calls happening so extra diligence is required to ensure only CDK associates are allowed access to information regarding your system. We recommend having a central place that all requests are filtered through at the dealership to control this more.
We will continue to provide updates as this situation develops.
Bart joined ARB in 1996 and is a Principal with the firm. The growth of ARB’s Auto Dealership Group is a natural result of consistently anticipating the needs of dealerships and providing savvy, sensible and customized services at fair prices.
